CVE-2007-5979

Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.

Link	Resource
http://www.procheckup.com/Vulnerability_PR07-13.php
https://support.f5.com/kb/en-us/solutions/public/7000/400/sol7498.html
http://www.securityfocus.com/bid/26412
http://www.securitytracker.com/id?1018937	Patch
http://secunia.com/advisories/27647	Vendor Advisory
http://securityreason.com/securityalert/3364
http://osvdb.org/38665
http://www.vupen.com/english/advisories/2007/3847
https://exchange.xforce.ibmcloud.com/vulnerabilities/38439
http://www.securityfocus.com/archive/1/483601/100/0/threaded

Configuration 1

cpe:2.3:h:f5:firepass_4100:5.4.7:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.3:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.1:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.6:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.4:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.9:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.8:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.5.1:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:6.0:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.5:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.5.0:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:5.4.2:*:*:*:*:*:*:* cpe:2.3:h:f5:firepass_4100:6.0.1:*:*:*:*:*:*:*

---

Published : 2007-11-15 12:46

Updated : 2018-10-15 09:48

---

NVD link : CVE-2007-5979

Mitre link : CVE-2007-5979

No products.

CWE-79